PHPAuth

What is it

PHPAuth is a secure user authentication class for PHP websites, using a powerful password hashing system and attack blocking to keep your website and users secure.

PHPAuth is work in progress, and not meant for people that doesn’t know how to program, its meant for people that know what they are doing.. We cannot help everyone because they dont understand this class..

attempts_before_verify : maximum amount of attempts to be made within attack_mitigation_time before requiring captcha. Default is 5

attempt_before_ban : maximum amount of attempts to be made within attack_mitigation_time before temporally blocking the IP address. Default is 30

password_min_score : the minimum score given by zxcvbn that is allowed. Default is 3

translation_source: source of translation, possible values: ‘sql’ (data from will be used), 'php' (default, translations will be loaded from languages/*.php), 'ini' (will be used languages/*.ini files)

table_translations : name of table with translation for all messages

table_attempts : name of table with all attempts (default is ‘phpauth_attempts’)

table_requests : name of table with all requests (default is ‘phpauth_requests’)

table_sessions : name of table with all sessions (default is ‘phpauth_sessions’)

table_users : name of table with all users (default is ‘phpauth_users’)

table_emails_banned : name of table with all banned email domains (default is ‘phpauth_emails_banned’)

CAPTCHA Implementation

If isBlocked() returns verify, then a CAPTCHA code should be displayed.
The method checkCaptcha($captcha) is called to verify a CAPTCHA code. By default this method returns true, but should be overridden to verify a CAPTCHA.

For example, if you are using Google’s ReCaptcha NoCaptcha, use the following code:

Message languages

The language for error and success messages returned by PHPAuth can be configured by passing in one of
the available languages as the third parameter to the Auth constructor. If no language parameter is provided
then the default en_GBlanguage is used.

Example: $auth = new PHPAuth\Auth($dbh, $config, "fr_FR");

Available languages:

ar-TN

cs_CZ

da_DK

de_DE

en_GB (Default)

es_MX

fa_IR

fr_FR

gr_GR

hu_HU

id_ID

it_IT

nl_BE

nl_NL

no_NB

pl_PL

ps_AF

pt_BR

ro_RO

ru_RU

se_SE

sk_SK

sl_SI

sr_RS

th_TH

tr_TR

uk_UA

vi_VN

Documentation

All class methods are documented in the Wiki
System error codes are listed and explained here

Contributing

Anyone can contribute to improve or fix PHPAuth, to do so you can either report an issue (a bug, an idea…) or fork the repository, perform modifications to your fork then request a merge.